Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6ce076-126e-4e48-a759-aa5bb0abac23/1/58vpK8vRiMDsKrPDcpGa-DJvE88.roa
File: 58vpK8vRiMDsKrPDcpGa-DJvE88.roa (raw, json)
Hash identifier: sInLzOJCLuIv4eBWcJWicm0cgoZkrirnczsJmugMVLs=
Subject key identifier: E7:CB:E9:2B:CB:D1:88:C0:EC:2A:B3:C3:72:91:9A:F8:32:6F:13:CF
Certificate issuer: /CN=a33cd6279e3adc199cced1448f80881842959dbb
Certificate serial: 019A29A530DA0B7852FE6E061AB06C6387FC
Authority key identifier: A3:3C:D6:27:9E:3A:DC:19:9C:CE:D1:44:8F:80:88:18:42:95:9D:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ozzWJ5463BmcztFEj4CIGEKVnbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6ce076-126e-4e48-a759-aa5bb0abac23/1/58vpK8vRiMDsKrPDcpGa-DJvE88.roa
Signing time: Tue 28 Oct 2025 07:08:03 +0000
ROA not before: Tue 28 Oct 2025 07:08:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49650
IP address blocks: 37.130.208.0/21 maxlen: 21
91.215.64.0/22 maxlen: 22
188.65.20.0/22 maxlen: 22
195.49.176.0/24 maxlen: 24
195.49.177.0/24 maxlen: 24
195.49.178.0/24 maxlen: 24
195.49.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/6ce076-126e-4e48-a759-aa5bb0abac23/1/ozzWJ5463BmcztFEj4CIGEKVnbs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/6ce076-126e-4e48-a759-aa5bb0abac23/1/ozzWJ5463BmcztFEj4CIGEKVnbs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ozzWJ5463BmcztFEj4CIGEKVnbs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:29:a5:30:da:0b:78:52:fe:6e:06:1a:b0:6c:63:87:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a33cd6279e3adc199cced1448f80881842959dbb
Validity
Not Before: Oct 28 07:08:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7cbe92bcbd188c0ec2ab3c372919af8326f13cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:3d:2e:de:cb:94:9d:05:10:b6:df:4c:69:6f:
00:2f:9e:40:4a:e1:aa:ec:48:69:bc:31:9a:52:ef:
47:ea:0b:91:46:5d:dd:b3:c4:0d:68:3c:68:d9:40:
3f:ce:b5:e4:2c:3d:01:02:8c:72:87:07:ed:c8:59:
ee:0f:d5:d3:a1:16:96:ca:96:3d:e2:5f:48:96:04:
25:a6:89:5e:32:28:b3:30:a6:53:a9:7d:84:07:5d:
00:cd:bd:b6:c1:f3:6e:d4:86:37:8b:7e:4c:03:1f:
49:3b:0b:82:a7:ef:ab:43:1b:c2:1b:a5:51:1f:2f:
fa:65:d8:a3:c2:c9:04:0c:95:4e:8b:81:f0:dd:01:
b0:a4:e9:ce:fe:82:af:17:5b:d0:fe:27:86:2a:70:
a1:d6:c9:85:d4:fa:e2:e7:03:4b:91:8a:d0:61:df:
32:54:2f:26:11:a5:15:e9:d0:6e:42:17:33:8b:1f:
12:48:7f:5a:d6:ca:be:e2:8d:3c:71:b6:68:5b:11:
06:08:9b:85:fe:d7:ff:48:5d:4b:8b:31:26:e8:84:
3d:19:8b:86:85:d2:61:c2:fd:59:ff:b2:a4:30:3a:
06:37:0b:b5:83:50:a6:83:27:94:25:9c:51:95:6d:
25:ac:a4:91:f6:9a:b1:a9:a0:b9:f2:26:c9:1e:ce:
fb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:CB:E9:2B:CB:D1:88:C0:EC:2A:B3:C3:72:91:9A:F8:32:6F:13:CF
X509v3 Authority Key Identifier:
keyid:A3:3C:D6:27:9E:3A:DC:19:9C:CE:D1:44:8F:80:88:18:42:95:9D:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ozzWJ5463BmcztFEj4CIGEKVnbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6ce076-126e-4e48-a759-aa5bb0abac23/1/58vpK8vRiMDsKrPDcpGa-DJvE88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6ce076-126e-4e48-a759-aa5bb0abac23/1/ozzWJ5463BmcztFEj4CIGEKVnbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.208.0/21
91.215.64.0/22
188.65.20.0/22
195.49.176.0/22
Signature Algorithm: sha256WithRSAEncryption
63:d5:1a:1f:a8:f7:81:e1:69:a0:6e:9f:a3:48:f6:34:ac:e9:
d5:f7:bd:31:4e:d6:b6:62:1c:e9:de:99:c5:87:e3:57:77:77:
78:42:02:f0:3a:f3:2e:ae:a8:a9:ea:11:53:ed:c5:d8:c2:84:
5a:5d:36:f9:ff:24:cc:7d:3a:57:b7:be:13:f9:56:04:1f:f6:
52:9e:b6:e2:de:78:20:a3:e0:ac:99:70:f7:69:95:61:eb:76:
2f:51:88:16:1c:c3:95:6f:c8:d5:3f:3b:f6:de:44:fe:16:9e:
4c:22:28:36:a8:9e:2d:74:97:21:fd:ce:51:12:a4:c2:d8:64:
ac:dd:a0:f1:68:10:4c:36:a9:e4:d6:ac:15:64:be:2e:00:b5:
c2:39:17:16:6f:60:57:95:52:79:31:bb:64:9e:57:03:fc:3f:
13:25:98:4b:65:78:e3:8c:45:d4:e1:28:b7:9a:4f:99:50:91:
d7:53:f7:de:e4:c1:de:15:65:0e:4d:36:fb:c9:a1:8e:c0:94:
02:0b:c0:5b:37:5f:37:74:51:95:c4:6f:97:91:6b:7a:92:04:
1b:8e:f2:5d:5a:81:58:63:c1:b5:cc:d8:0e:c9:c6:90:50:86:
d1:bf:96:94:11:82:27:27:7d:6f:f7:68:44:ab:9f:13:b6:16:
af:bd:04:dc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZoppTDaC3hS/m4GGrBsY4f8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzM2NkNjI3OWUzYWRjMTk5Y2NlZDE0NDhmODA4ODE4NDI5
NTlkYmIwHhcNMjUxMDI4MDcwODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2NiZTkyYmNiZDE4OGMwZWMyYWIzYzM3MjkxOWFmODMyNmYxM2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4D0u3suUnQUQtt9MaW8AL55ASuGq
7EhpvDGaUu9H6guRRl3ds8QNaDxo2UA/zrXkLD0BAoxyhwftyFnuD9XToRaWypY9
4l9IlgQlpoleMiizMKZTqX2EB10Azb22wfNu1IY3i35MAx9JOwuCp++rQxvCG6VR
Hy/6ZdijwskEDJVOi4Hw3QGwpOnO/oKvF1vQ/ieGKnCh1smF1Pri5wNLkYrQYd8y
VC8mEaUV6dBuQhczix8SSH9a1sq+4o08cbZoWxEGCJuF/tf/SF1LizEm6IQ9GYuG
hdJhwv1Z/7KkMDoGNwu1g1CmgyeUJZxRlW0lrKSR9pqxqaC58ibJHs774QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOfL6SvL0YjA7Cqzw3KRmvgybxPPMB8GA1UdIwQY
MBaAFKM81ieeOtwZnM7RRI+AiBhClZ27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3p6V0o1NDYzQm1jenRGRWo0Q0lHRUtWbmJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82Y2UwNzYtMTI2ZS00ZTQ4LWE3NTkt
YWE1YmIwYWJhYzIzLzEvNTh2cEs4dlJpTURzS3JQRGNwR2EtREp2RTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82Y2UwNzYtMTI2ZS00ZTQ4LWE3NTktYWE1YmIwYWJhYzIz
LzEvb3p6V0o1NDYzQm1jenRGRWo0Q0lHRUtWbmJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDJYLQAwQC
W9dAAwQCvEEUAwQCwzGwMA0GCSqGSIb3DQEBCwUAA4IBAQBj1RofqPeB4Wmgbp+j
SPY0rOnV970xTta2Yhzp3pnFh+NXd3d4QgLwOvMurqip6hFT7cXYwoRaXTb5/yTM
fTpXt74T+VYEH/ZSnrbi3nggo+CsmXD3aZVh63YvUYgWHMOVb8jVPzv23kT+Fp5M
Iig2qJ4tdJch/c5REqTC2GSs3aDxaBBMNqnk1qwVZL4uALXCORcWb2BXlVJ5Mbtk
nlcD/D8TJZhLZXjjjEXU4Si3mk+ZUJHXU/fe5MHeFWUOTTb7yaGOwJQCC8BbN183
dFGVxG+XkWt6kgQbjvJdWoFYY8G1zNgOycaQUIbRv5aUEYInJ31v92hEq58Tthav
vQTc
-----END CERTIFICATE-----
Generated at Tue Nov 4 09:41:40 2025 by rpki-client